actions_extrafields.inc.php 18 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501
  1. <?php
  2. /* Copyright (C) 2011-2020 Laurent Destailleur <eldy@users.sourceforge.net>
  3. *
  4. * This program is free software; you can redistribute it and/or modify
  5. * it under the terms of the GNU General Public License as published by
  6. * the Free Software Foundation; either version 3 of the License, or
  7. * (at your option) any later version.
  8. *
  9. * This program is distributed in the hope that it will be useful,
  10. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  11. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  12. * GNU General Public License for more details.
  13. *
  14. * You should have received a copy of the GNU General Public License
  15. * along with this program. If not, see <https://www.gnu.org/licenses/>.
  16. * or see https://www.gnu.org/
  17. *
  18. * $elementype must be defined.
  19. */
  20. /**
  21. * \file htdocs/core/actions_extrafields.inc.php
  22. * \brief Code for actions on extrafields admin pages
  23. */
  24. $maxsizestring = 255;
  25. $maxsizeint = 10;
  26. $mesg = array();
  27. $extrasize = GETPOST('size', 'intcomma');
  28. $type = GETPOST('type', 'alphanohtml');
  29. $param = GETPOST('param', 'alphanohtml');
  30. $css = GETPOST('css', 'alphanohtml');
  31. $cssview = GETPOST('cssview', 'alphanohtml');
  32. $csslist = GETPOST('csslist', 'alphanohtml');
  33. $confirm = GETPOST('confirm', 'alpha');
  34. if ($type == 'double' && strpos($extrasize, ',') === false) {
  35. $extrasize = '24,8';
  36. }
  37. if ($type == 'date') {
  38. $extrasize = '';
  39. }
  40. if ($type == 'datetime') {
  41. $extrasize = '';
  42. }
  43. if ($type == 'select') {
  44. $extrasize = '';
  45. }
  46. $listofreservedwords = array(
  47. 'ADD', 'ALL', 'ALTER', 'ANALYZE', 'AND', 'AS', 'ASENSITIVE', 'BEFORE', 'BETWEEN', 'BINARY', 'BLOB', 'BOTH', 'CALL', 'CASCADE', 'CASE', 'CHANGE', 'CHAR', 'CHARACTER', 'CHECK', 'COLLATE', 'COLUMN', 'CONDITION', 'CONSTRAINT', 'CONTINUE', 'CONVERT', 'CREATE', 'CROSS', 'CURRENT_DATE', 'CURRENT_TIME', 'CURRENT_TIMESTAMP', 'CURRENT_USER',
  48. 'CURSOR', 'DATABASE', 'DATABASES', 'DAY_HOUR', 'DAY_MICROSECOND', 'DAY_MINUTE', 'DAY_SECOND', 'DECIMAL', 'DECLARE', 'DEFAULT', 'DELAYED', 'DELETE', 'DESC', 'DESCRIBE', 'DETERMINISTIC', 'DISTINCT', 'DISTINCTROW', 'DOUBLE', 'DROP', 'DUAL',
  49. 'EACH', 'ELSE', 'ELSEIF', 'ENCLOSED', 'ESCAPED', 'EXISTS', 'EXPLAIN', 'FALSE', 'FETCH', 'FLOAT', 'FLOAT4', 'FLOAT8', 'FORCE', 'FOREIGN', 'FULLTEXT', 'GRANT', 'GROUP', 'HAVING', 'HIGH_PRIORITY', 'HOUR_MICROSECOND', 'HOUR_MINUTE', 'HOUR_SECOND',
  50. 'IGNORE', 'IGNORE_SERVER_IDS', 'INDEX', 'INFILE', 'INNER', 'INOUT', 'INSENSITIVE', 'INSERT', 'INT', 'INTEGER', 'INTERVAL', 'INTO', 'ITERATE',
  51. 'KEYS', 'KEYWORD', 'LEADING', 'LEAVE', 'LEFT', 'LIKE', 'LIMIT', 'LINES', 'LOCALTIME', 'LOCALTIMESTAMP', 'LONGBLOB', 'LONGTEXT', 'MASTER_SSL_VERIFY_SERVER_CERT', 'MATCH', 'MEDIUMBLOB', 'MEDIUMINT', 'MEDIUMTEXT', 'MIDDLEINT', 'MINUTE_MICROSECOND', 'MINUTE_SECOND', 'MODIFIES', 'NATURAL', 'NOT', 'NO_WRITE_TO_BINLOG', 'NUMERIC',
  52. 'ON', 'OPTION', 'OPTIONALLY', 'OUTER', 'OUTFILE',
  53. 'PARTITION', 'POSITION', 'PRECISION', 'PRIMARY', 'PROCEDURE', 'PURGE', 'RANGE', 'READS', 'READ_WRITE', 'REAL', 'REFERENCES', 'REGEXP', 'RELEASE', 'RENAME', 'REPEAT', 'REQUIRE', 'RESTRICT', 'RETURN', 'REVOKE', 'RIGHT', 'RLIKE',
  54. 'SCHEMAS', 'SECOND_MICROSECOND', 'SENSITIVE', 'SEPARATOR', 'SIGNAL', 'SMALLINT', 'SPATIAL', 'SPECIFIC', 'SQLEXCEPTION', 'SQLSTATE', 'SQLWARNING', 'SQL_BIG_RESULT', 'SQL_CALC_FOUND_ROWS', 'SQL_SMALL_RESULT', 'SSL', 'STARTING', 'STRAIGHT_JOIN',
  55. 'TABLE', 'TERMINATED', 'TINYBLOB', 'TINYINT', 'TINYTEXT', 'TRAILING', 'TRIGGER', 'UNDO', 'UNIQUE', 'UNSIGNED', 'UPDATE', 'USAGE', 'USING', 'UTC_DATE', 'UTC_TIME', 'UTC_TIMESTAMP', 'VALUES', 'VARBINARY', 'VARCHAR', 'VARYING',
  56. 'WHEN', 'WHERE', 'WHILE', 'WRITE', 'XOR', 'YEAR_MONTH', 'ZEROFILL'
  57. );
  58. // Add attribute
  59. if ($action == 'add') {
  60. if (GETPOST("button") != $langs->trans("Cancel")) {
  61. // Check values
  62. if (!$type) {
  63. $error++;
  64. $langs->load("errors");
  65. $mesg[] = $langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Type"));
  66. $action = 'create';
  67. }
  68. if ($type == 'varchar' && $extrasize <= 0) {
  69. $error++;
  70. $langs->load("errors");
  71. $mesg[] = $langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Size"));
  72. $action = 'edit';
  73. }
  74. if ($type == 'varchar' && $extrasize > $maxsizestring) {
  75. $error++;
  76. $langs->load("errors");
  77. $mesg[] = $langs->trans("ErrorSizeTooLongForVarcharType", $maxsizestring);
  78. $action = 'create';
  79. }
  80. if ($type == 'int' && $extrasize > $maxsizeint) {
  81. $error++;
  82. $langs->load("errors");
  83. $mesg[] = $langs->trans("ErrorSizeTooLongForIntType", $maxsizeint);
  84. $action = 'create';
  85. }
  86. if ($type == 'select' && !$param) {
  87. $error++;
  88. $langs->load("errors");
  89. $mesg[] = $langs->trans("ErrorNoValueForSelectType");
  90. $action = 'create';
  91. }
  92. if ($type == 'sellist' && !$param) {
  93. $error++;
  94. $langs->load("errors");
  95. $mesg[] = $langs->trans("ErrorNoValueForSelectListType");
  96. $action = 'create';
  97. }
  98. if ($type == 'checkbox' && !$param) {
  99. $error++;
  100. $langs->load("errors");
  101. $mesg[] = $langs->trans("ErrorNoValueForCheckBoxType");
  102. $action = 'create';
  103. }
  104. if ($type == 'link' && !$param) {
  105. $error++;
  106. $langs->load("errors");
  107. $mesg[] = $langs->trans("ErrorNoValueForLinkType");
  108. $action = 'create';
  109. }
  110. if ($type == 'radio' && !$param) {
  111. $error++;
  112. $langs->load("errors");
  113. $mesg[] = $langs->trans("ErrorNoValueForRadioType");
  114. $action = 'create';
  115. }
  116. if ((($type == 'radio') || ($type == 'checkbox')) && $param) {
  117. // Construct array for parameter (value of select list)
  118. $parameters = $param;
  119. $parameters_array = explode("\r\n", $parameters);
  120. foreach ($parameters_array as $param_ligne) {
  121. if (!empty($param_ligne)) {
  122. if (preg_match_all('/,/', $param_ligne, $matches)) {
  123. if (count($matches[0]) > 1) {
  124. $error++;
  125. $langs->load("errors");
  126. $mesg[] = $langs->trans("ErrorBadFormatValueList", $param_ligne);
  127. $action = 'create';
  128. }
  129. } else {
  130. $error++;
  131. $langs->load("errors");
  132. $mesg[] = $langs->trans("ErrorBadFormatValueList", $param_ligne);
  133. $action = 'create';
  134. }
  135. }
  136. }
  137. }
  138. if (!$error) {
  139. if (strlen(GETPOST('attrname', 'aZ09')) < 3) {
  140. $error++;
  141. $langs->load("errors");
  142. $mesg[] = $langs->trans("ErrorValueLength", $langs->transnoentitiesnoconv("AttributeCode"), 3);
  143. $action = 'create';
  144. }
  145. }
  146. // Check reserved keyword with more than 3 characters
  147. if (!$error) {
  148. if (in_array(strtoupper(GETPOST('attrname', 'aZ09')), $listofreservedwords)) {
  149. $error++;
  150. $langs->load("errors");
  151. $mesg[] = $langs->trans("ErrorReservedKeyword", GETPOST('attrname', 'aZ09'));
  152. $action = 'create';
  153. }
  154. }
  155. if (!$error) {
  156. // attrname must be alphabetical and lower case only
  157. if (GETPOSTISSET("attrname") && preg_match("/^[a-z0-9_]+$/", GETPOST('attrname', 'aZ09')) && !is_numeric(GETPOST('attrname', 'aZ09'))) {
  158. // Construct array for parameter (value of select list)
  159. $default_value = GETPOST('default_value', 'alpha');
  160. $parameters = $param;
  161. $parameters_array = explode("\r\n", $parameters);
  162. $params = array();
  163. //In sellist we have only one line and it can have come to do SQL expression
  164. if ($type == 'sellist' || $type == 'chkbxlst') {
  165. foreach ($parameters_array as $param_ligne) {
  166. $params['options'] = array($parameters=>null);
  167. }
  168. } else {
  169. // Else it's separated key/value and coma list
  170. foreach ($parameters_array as $param_ligne) {
  171. if (strpos($param_ligne, ',')!==false) {
  172. list($key, $value) = explode(',', $param_ligne);
  173. if (!array_key_exists('options', $params)) {
  174. $params['options'] = array();
  175. }
  176. } else {
  177. $key=$param_ligne;
  178. $value=null;
  179. }
  180. $params['options'][$key] = $value;
  181. }
  182. }
  183. // Visibility: -1=not visible by default in list, 1=visible, 0=hidden
  184. $visibility = GETPOST('list', 'alpha');
  185. if ($type == 'separate') {
  186. $visibility = 3;
  187. }
  188. $result = $extrafields->addExtraField(
  189. GETPOST('attrname', 'aZ09'),
  190. GETPOST('label', 'alpha'),
  191. $type,
  192. GETPOST('pos', 'int'),
  193. $extrasize,
  194. $elementtype,
  195. (GETPOST('unique', 'alpha') ? 1 : 0),
  196. (GETPOST('required', 'alpha') ? 1 : 0),
  197. $default_value,
  198. $params,
  199. (GETPOST('alwayseditable', 'alpha') ? 1 : 0),
  200. (GETPOST('perms', 'alpha') ? GETPOST('perms', 'alpha') : ''),
  201. $visibility,
  202. GETPOST('help', 'alpha'),
  203. GETPOST('computed_value', 'alpha'),
  204. (GETPOST('entitycurrentorall', 'alpha') ? 0 : ''),
  205. GETPOST('langfile', 'alpha'),
  206. 1,
  207. (GETPOST('totalizable', 'alpha') ? 1 : 0),
  208. GETPOST('printable', 'alpha'),
  209. array('css' => $css, 'cssview' => $cssview, 'csslist' => $csslist)
  210. );
  211. if ($result > 0) {
  212. setEventMessages($langs->trans('SetupSaved'), null, 'mesgs');
  213. header("Location: ".$_SERVER["PHP_SELF"]);
  214. exit;
  215. } else {
  216. $error++;
  217. $mesg = $extrafields->error;
  218. setEventMessages($mesg, null, 'errors');
  219. }
  220. } else {
  221. $error++;
  222. $langs->load("errors");
  223. $mesg = $langs->trans("ErrorFieldCanNotContainSpecialNorUpperCharacters", $langs->transnoentities("AttributeCode"));
  224. setEventMessages($mesg, null, 'errors');
  225. $action = 'create';
  226. }
  227. } else {
  228. setEventMessages($mesg, null, 'errors');
  229. }
  230. }
  231. }
  232. // Rename field
  233. if ($action == 'update') {
  234. if (GETPOST("button") != $langs->trans("Cancel")) {
  235. // Check values
  236. if (!$type) {
  237. $error++;
  238. $langs->load("errors");
  239. $mesg[] = $langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Type"));
  240. $action = 'edit';
  241. }
  242. if ($type == 'varchar' && $extrasize <= 0) {
  243. $error++;
  244. $langs->load("errors");
  245. $mesg[] = $langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Size"));
  246. $action = 'edit';
  247. }
  248. if ($type == 'varchar' && $extrasize > $maxsizestring) {
  249. $error++;
  250. $langs->load("errors");
  251. $mesg[] = $langs->trans("ErrorSizeTooLongForVarcharType", $maxsizestring);
  252. $action = 'edit';
  253. }
  254. if ($type == 'int' && $extrasize > $maxsizeint) {
  255. $error++;
  256. $langs->load("errors");
  257. $mesg[] = $langs->trans("ErrorSizeTooLongForIntType", $maxsizeint);
  258. $action = 'edit';
  259. }
  260. if ($type == 'select' && !$param) {
  261. $error++;
  262. $langs->load("errors");
  263. $mesg[] = $langs->trans("ErrorNoValueForSelectType");
  264. $action = 'edit';
  265. }
  266. if ($type == 'sellist' && !$param) {
  267. $error++;
  268. $langs->load("errors");
  269. $mesg[] = $langs->trans("ErrorNoValueForSelectListType");
  270. $action = 'edit';
  271. }
  272. if ($type == 'checkbox' && !$param) {
  273. $error++;
  274. $langs->load("errors");
  275. $mesg[] = $langs->trans("ErrorNoValueForCheckBoxType");
  276. $action = 'edit';
  277. }
  278. if ($type == 'radio' && !$param) {
  279. $error++;
  280. $langs->load("errors");
  281. $mesg[] = $langs->trans("ErrorNoValueForRadioType");
  282. $action = 'edit';
  283. }
  284. if ((($type == 'radio') || ($type == 'checkbox')) && $param) {
  285. // Construct array for parameter (value of select list)
  286. $parameters = $param;
  287. $parameters_array = explode("\r\n", $parameters);
  288. foreach ($parameters_array as $param_ligne) {
  289. if (!empty($param_ligne)) {
  290. if (preg_match_all('/,/', $param_ligne, $matches)) {
  291. if (count($matches[0]) > 1) {
  292. $error++;
  293. $langs->load("errors");
  294. $mesg[] = $langs->trans("ErrorBadFormatValueList", $param_ligne);
  295. $action = 'edit';
  296. }
  297. } else {
  298. $error++;
  299. $langs->load("errors");
  300. $mesg[] = $langs->trans("ErrorBadFormatValueList", $param_ligne);
  301. $action = 'edit';
  302. }
  303. }
  304. }
  305. }
  306. if (!$error) {
  307. if (strlen(GETPOST('attrname', 'aZ09')) < 3 && empty($conf->global->MAIN_DISABLE_EXTRAFIELDS_CHECK_FOR_UPDATE)) {
  308. $error++;
  309. $langs->load("errors");
  310. $mesg[] = $langs->trans("ErrorValueLength", $langs->transnoentitiesnoconv("AttributeCode"), 3);
  311. $action = 'edit';
  312. }
  313. }
  314. // Check reserved keyword with more than 3 characters
  315. if (!$error) {
  316. if (in_array(strtoupper(GETPOST('attrname', 'aZ09')), $listofreservedwords) && empty($conf->global->MAIN_DISABLE_EXTRAFIELDS_CHECK_FOR_UPDATE)) {
  317. $error++;
  318. $langs->load("errors");
  319. $mesg[] = $langs->trans("ErrorReservedKeyword", GETPOST('attrname', 'aZ09'));
  320. $action = 'edit';
  321. }
  322. }
  323. if (!$error) {
  324. if (GETPOSTISSET("attrname") && preg_match("/^\w[a-zA-Z0-9-_]*$/", GETPOST('attrname', 'aZ09')) && !is_numeric(GETPOST('attrname', 'aZ09'))) {
  325. $pos = GETPOST('pos', 'int');
  326. // Construct array for parameter (value of select list)
  327. $parameters = $param;
  328. $parameters_array = explode("\r\n", $parameters);
  329. $params = array();
  330. //In sellist we have only one line and it can have come to do SQL expression
  331. if ($type == 'sellist' || $type == 'chkbxlst') {
  332. foreach ($parameters_array as $param_ligne) {
  333. $params['options'] = array($parameters=>null);
  334. }
  335. } else {
  336. //Esle it's separated key/value and coma list
  337. foreach ($parameters_array as $param_ligne) {
  338. list($key, $value) = explode(',', $param_ligne);
  339. if (!array_key_exists('options', $params)) {
  340. $params['options'] = array();
  341. }
  342. $params['options'][$key] = $value;
  343. }
  344. }
  345. // Visibility: -1=not visible by default in list, 1=visible, 0=hidden
  346. $visibility = GETPOST('list', 'alpha');
  347. if ($type == 'separate') {
  348. $visibility = 3;
  349. }
  350. // Example: is_object($object) ? ($object->id < 10 ? round($object->id / 2, 2) : (2 * $user->id) * (int) substr($mysoc->zip, 1, 2)) : 'objnotdefined'
  351. $computedvalue = GETPOST('computed_value', 'nohtml');
  352. $result = $extrafields->update(
  353. GETPOST('attrname', 'aZ09'),
  354. GETPOST('label', 'alpha'),
  355. $type,
  356. $extrasize,
  357. $elementtype,
  358. (GETPOST('unique', 'alpha') ? 1 : 0),
  359. (GETPOST('required', 'alpha') ? 1 : 0),
  360. $pos,
  361. $params,
  362. (GETPOST('alwayseditable', 'alpha') ? 1 : 0),
  363. (GETPOST('perms', 'alpha') ?GETPOST('perms', 'alpha') : ''),
  364. $visibility,
  365. GETPOST('help', 'alpha'),
  366. GETPOST('default_value', 'alpha'),
  367. $computedvalue,
  368. (GETPOST('entitycurrentorall', 'alpha') ? 0 : ''),
  369. GETPOST('langfile'),
  370. GETPOST('enabled', 'nohtml'),
  371. (GETPOST('totalizable', 'alpha') ? 1 : 0),
  372. GETPOST('printable', 'alpha'),
  373. array('css' => $css, 'cssview' => $cssview, 'csslist' => $csslist)
  374. );
  375. if ($result > 0) {
  376. setEventMessages($langs->trans('SetupSaved'), null, 'mesgs');
  377. header("Location: ".$_SERVER["PHP_SELF"]);
  378. exit;
  379. } else {
  380. $error++;
  381. $mesg = $extrafields->error;
  382. setEventMessages($mesg, null, 'errors');
  383. }
  384. } else {
  385. $error++;
  386. $langs->load("errors");
  387. $mesg = $langs->trans("ErrorFieldCanNotContainSpecialCharacters", $langs->transnoentities("AttributeCode"));
  388. setEventMessages($mesg, null, 'errors');
  389. }
  390. } else {
  391. setEventMessages($mesg, null, 'errors');
  392. }
  393. }
  394. }
  395. // Delete attribute
  396. if ($action == 'confirm_delete' && $confirm == "yes") {
  397. if (GETPOSTISSET("attrname") && preg_match("/^\w[a-zA-Z0-9-_]*$/", GETPOST("attrname", 'aZ09'))) {
  398. $attributekey = GETPOST('attrname', 'aZ09');
  399. $result = $extrafields->delete($attributekey, $elementtype);
  400. if ($result >= 0) {
  401. setEventMessages($langs->trans("ExtrafieldsDeleted", $attributekey), null, 'mesgs');
  402. header("Location: ".$_SERVER["PHP_SELF"]);
  403. exit;
  404. } else {
  405. $mesg = $extrafields->error;
  406. }
  407. } else {
  408. $error++;
  409. $langs->load("errors");
  410. $mesg = $langs->trans("ErrorFieldCanNotContainSpecialCharacters", $langs->transnoentities("AttributeCode"));
  411. }
  412. }
  413. // Recrypt data password
  414. if ($action == 'encrypt') {
  415. // Load $extrafields->attributes
  416. $extrafields->fetch_name_optionals_label($elementtype);
  417. $attributekey = GETPOST('attrname', 'aZ09');
  418. if (!empty($extrafields->attributes[$elementtype]['type'][$attributekey]) && $extrafields->attributes[$elementtype]['type'][$attributekey] == 'password') {
  419. if (!empty($extrafields->attributes[$elementtype]['param'][$attributekey]['options'])) {
  420. if (array_key_exists('dolcrypt', $extrafields->attributes[$elementtype]['param'][$attributekey]['options'])) {
  421. // We can encrypt data with dolCrypt()
  422. $arrayofelement = getElementProperties($elementtype);
  423. if (!empty($arrayofelement['table_element'])) {
  424. if ($extrafields->attributes[$elementtype]['entityid'][$attributekey] == $conf->entity || empty($extrafields->attributes[$elementtype]['entityid'][$attributekey])) {
  425. dol_syslog("Loop on each extafields of table ".$arrayofelement['table_element']);
  426. $sql .= "SELECT te.rowid, te.".$attributekey;
  427. $sql .= " FROM ".MAIN_DB_PREFIX.$arrayofelement['table_element']." as t, ".MAIN_DB_PREFIX.$arrayofelement['table_element'].'_extrafields as te';
  428. $sql .= " WHERE te.fk_object = t.rowid";
  429. $sql .= " AND te.".$attributekey." NOT LIKE 'dolcrypt:%'";
  430. $sql .= " AND te.".$attributekey." IS NOT NULL";
  431. $sql .= " AND te.".$attributekey." <> ''";
  432. if ($extrafields->attributes[$elementtype]['entityid'][$attributekey] == $conf->entity) {
  433. $sql .= " AND t.entity = ".getEntity($arrayofelement['table_element'], 0);
  434. }
  435. //print $sql;
  436. $nbupdatedone = 0;
  437. $resql = $db->query($sql);
  438. if ($resql) {
  439. $num_rows = $db->num_rows($resql);
  440. $i=0;
  441. while ($i < $num_rows) {
  442. $objtmp = $db->fetch_object($resql);
  443. $id = $objtmp->rowid;
  444. $pass = $objtmp->$attributekey;
  445. if ($pass) {
  446. $newpassword = dolEncrypt($pass);
  447. $sqlupdate = "UPDATE ".MAIN_DB_PREFIX.$arrayofelement['table_element'].'_extrafields';
  448. $sqlupdate .= " SET ".$attributekey." = '".$db->escape($newpassword)."'";
  449. $sqlupdate .= " WHERE rowid = ".((int) $id);
  450. $resupdate = $db->query($sqlupdate);
  451. if ($resupdate) {
  452. $nbupdatedone++;
  453. } else {
  454. setEventMessages($db->lasterror(), '', 'errors');
  455. $error++;
  456. break;
  457. }
  458. }
  459. $i++;
  460. }
  461. }
  462. if ($nbupdatedone > 0) {
  463. setEventMessages($langs->trans("PasswordFieldEncrypted", $nbupdatedone), null, 'mesgs');
  464. } else {
  465. setEventMessages($langs->trans("PasswordFieldEncrypted", $nbupdatedone), null, 'warnings');
  466. }
  467. }
  468. }
  469. }
  470. }
  471. }
  472. }